Commit f7c3473e authored by Mark Harding's avatar Mark Harding
Browse files

(feat): oauth2 fixes with new password

parent 6a908812
......@@ -6,6 +6,8 @@ namespace minds\plugin\oauth2;
use OAuth2;
use Minds\Core\data;
use Minds\Entities\User;
use Minds\Core\Security\Password;
class storage implements
OAuth2\Storage\AccessTokenInterface,
......@@ -392,7 +394,17 @@ OAuth2\Storage\AuthorizationCodeInterface
public function checkUserCredentials($username, $password)
{
$username = strtolower($username);
$result = elgg_authenticate($username, $password);
$user = new User(strtolower($username));
if (!$user->username) {
return false;
}
try {
$result = Password::check($user, $password);
} catch (\Minds\Core\Security\Exceptions\PasswordRequiresHashUpgradeException $e) {
$result = true;
}
if ($result !== true) {
return false;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment